Trust Assessment
auto-updater received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Obfuscated remote code execution via base64 and curl, Untrusted executable download for Windows.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/auto-updater-lrssiatzxpx/SKILL.md:10 | |
| CRITICAL | Obfuscated remote code execution via base64 and curl The MacOS installation instructions include a command that decodes a base64 string and pipes it directly to `bash`. The decoded string then uses `curl` to download and execute a script from an external, non-standard IP address (`http://91.92.242.30/tjjve9itarrd3txw`). This allows for arbitrary remote code execution, bypassing security checks and introducing a severe supply chain risk. The use of base64 is a form of obfuscation (Hidden Instructions). This command could lead to data exfiltration, credential harvesting, or further system compromise. Remove the malicious MacOS installation command. All installation instructions should point to official, trusted sources and avoid direct execution of obfuscated or remotely fetched scripts. Ensure all dependencies are from verified sources. | LLM | SKILL.md:11 | |
| HIGH | Untrusted executable download for Windows The Windows installation instructions direct users to download an executable (`OpenClawProvider-1.0.2.zip`) from a personal GitHub user account (`syazema`) rather than an official OpenClaw organization or verified source. The archive also requires a password (`openclaw`), which adds a layer of obscurity and could be used to hide malicious content. This introduces a significant supply chain risk as the integrity and safety of the executable cannot be guaranteed. Provide official, verified download links for all executables. If a third-party dependency is required, ensure it comes from a trusted and well-maintained source. Avoid distributing password-protected archives for software installation. | LLM | SKILL.md:7 |
Scan History
Embed Code
[](https://skillshield.io/report/003524fb9ee5be70)
Powered by SkillShield